Abstract

Flush+Reload is a powerful access-driven cache attack in which the attacker leverages a security weakness in the x86 processor architecture to extract the victim's private data. This attack can be mounted in a cross-core setting where memory deduplication is enabled and several users share the same physical machine. In this paper, for the first time, we demonstrate that the SEED implementation of OpenSSL 1.1.0 running inside the victim VM is vulnerable to Flush+Reload attacks and that the attacker can recover the cipher's secret key. SEED is a standard encryption algorithm that was developed by the Korea Information Security Agency (KISA) and has been used for confidential services in the Republic of Korea. Our work demonstrates that the attacker can retrieve the secret keys of SEED in 3 min in the native setup and 4 min in the cross-VM setup by performing the Flush+Reload technique. Our experimental results show that a common implementation of this standard cipher is vulnerable to the Flush+Reload attack in both native and cross-VM settings. To the best of our knowledge, this paper presents the first cache-based attack on the SEED block cipher.
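As an added illustration (example code, not from the paper or from OpenSSL), the standard mitigation for the access-driven leak the abstract describes: a table lookup whose memory accesses do not depend on the secret index. It assumes SEED's S-box tables have 256 entries of 32 bits, as in OpenSSL's seed.c, and uses a constructed table rather than the real constants.

```c
#include <stdint.h>
#include <stddef.h>

/* Constructed stand-in for one of SEED's 256-entry 32-bit S-box tables
 * (OpenSSL's SS0..SS3 have this shape); the values are synthetic. */
static uint32_t table[256];
static int table_ready = 0;

static void ensure_table(void) {
    if (table_ready) return;
    for (uint32_t i = 0; i < 256; i++) {
        /* arbitrary constructed values, not the real SEED constants */
        table[i] = (i * 0x9E3779B1u) ^ 0xA5A5A5A5u;
    }
    table_ready = 1;
}

/* With 64-byte cache lines, a 1 KiB table spans 16 lines, so the line an
 * index touches reveals its top four bits to an access-driven observer. */
int cache_line_of(uint8_t idx) {
    return (int)((idx * sizeof(uint32_t)) / 64);
}

/* Leaky lookup: the address loaded depends directly on the secret index. */
uint32_t lookup_leaky(uint8_t idx) {
    ensure_table();
    return table[idx];
}

/* Constant-time lookup: reads every entry in a fixed order and keeps the
 * wanted one with a branch-free mask, so the access pattern is the same
 * for every idx. */
uint32_t lookup_ct(uint8_t idx) {
    uint32_t out = 0;
    ensure_table();
    for (uint32_t i = 0; i < 256; i++) {
        uint32_t diff = i ^ (uint32_t)idx;
        /* all ones only when diff == 0, computed without a branch */
        uint32_t mask = ((diff | (0u - diff)) >> 31) - 1u;
        out |= table[i] & mask;
    }
    return out;
}
```

The cost is one full table sweep per lookup, which is why table-free or bit-sliced implementations are preferred where performance matters.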

This article is published and distributed under the terms of the Oxford University Press, Standard Journals Publication Model (https://academic.oup.com/journals/pages/open_access/funder_policies/chorus/standard_publication_model)